Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/7QqfN9MrnKfqPNGubxzALXYbOkM.roa
File:                     7QqfN9MrnKfqPNGubxzALXYbOkM.roa (raw, json)
Hash identifier:          Z+tJV3Ko1nNE1f7WLISg7CziyjsdsZ6F6lPRskgxoJ4=
Subject key identifier:   ED:0A:9F:37:D3:2B:9C:A7:EA:3C:D1:AE:6F:1C:C0:2D:76:1B:3A:43
Certificate issuer:       /CN=2b145a8bdf2bca150f25ed54a277b8f653efdb3e
Certificate serial:       018A70C94A44DB964772E8354371580B3067
Authority key identifier: 2B:14:5A:8B:DF:2B:CA:15:0F:25:ED:54:A2:77:B8:F6:53:EF:DB:3E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KxRai98ryhUPJe1Uone49lPv2z4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/7QqfN9MrnKfqPNGubxzALXYbOkM.roa
Signing time:             Thu 07 Sep 2023 17:55:54 +0000
ROA not before:           Thu 07 Sep 2023 17:55:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     216349
IP address blocks:        2a10:3f84::/30 maxlen: 30
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:70:c9:4a:44:db:96:47:72:e8:35:43:71:58:0b:30:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2b145a8bdf2bca150f25ed54a277b8f653efdb3e
        Validity
            Not Before: Sep  7 17:55:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ed0a9f37d32b9ca7ea3cd1ae6f1cc02d761b3a43
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:30:63:21:8a:d9:f0:91:6c:c8:45:32:b8:ca:
                    9d:cd:f1:f3:e4:47:64:b0:2b:50:05:1b:d5:38:6e:
                    c5:b1:fa:8a:be:68:b0:56:fa:61:2d:0c:fe:f0:d7:
                    ee:40:2f:20:d0:a3:bd:b5:de:3f:01:00:48:80:8e:
                    d0:a2:65:44:0d:d5:4f:75:6d:40:98:ed:86:20:02:
                    61:ba:46:d1:cb:0b:ab:cc:de:8d:5b:47:85:65:06:
                    df:81:07:55:17:7b:92:b5:c5:05:05:3f:10:b2:5a:
                    27:dd:6f:71:65:1e:5d:fb:a9:7b:bc:d3:69:d5:dc:
                    1a:71:29:ae:36:dc:8f:68:3a:d2:f0:ee:34:04:cb:
                    af:35:99:05:fc:be:18:19:32:ae:5a:57:7c:43:df:
                    91:3d:8a:cc:a8:30:8f:ab:2e:28:2e:37:47:d8:4c:
                    e4:96:d0:de:43:f2:b7:23:0c:ad:93:90:6d:0f:c5:
                    fe:7c:fe:f7:20:db:ea:b9:fb:11:80:19:b6:b0:f9:
                    cb:4d:1f:e5:43:e7:cc:c9:91:ad:cc:c1:4b:09:97:
                    02:ac:92:b2:a3:e6:b5:9e:4e:41:e3:ba:f7:5e:de:
                    3b:a0:ed:d0:c8:f2:16:50:42:d5:ce:d2:cb:fa:f8:
                    39:4e:62:a1:83:3f:56:2a:e5:ef:c3:84:7f:bc:bf:
                    d9:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:0A:9F:37:D3:2B:9C:A7:EA:3C:D1:AE:6F:1C:C0:2D:76:1B:3A:43
            X509v3 Authority Key Identifier:
                keyid:2B:14:5A:8B:DF:2B:CA:15:0F:25:ED:54:A2:77:B8:F6:53:EF:DB:3E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KxRai98ryhUPJe1Uone49lPv2z4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/7QqfN9MrnKfqPNGubxzALXYbOkM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/KxRai98ryhUPJe1Uone49lPv2z4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a10:3f84::/30

    Signature Algorithm: sha256WithRSAEncryption
         14:0a:a7:74:0d:aa:07:2c:50:ba:63:05:2d:a7:2c:1c:d2:cc:
         10:80:60:be:d4:81:7e:9d:5e:51:0f:38:ce:7c:9c:6d:f1:4b:
         e2:ef:eb:03:61:f8:ae:b5:9e:28:38:8d:24:51:1e:12:96:93:
         e3:60:66:71:02:74:02:03:04:0d:e6:0b:b9:71:a3:e7:c4:ae:
         c0:4a:ee:c7:c9:09:7c:d5:b0:e0:72:f4:f4:71:eb:a3:d7:3a:
         75:3c:44:5a:0a:9e:69:f4:f2:52:cc:b8:08:84:2a:df:03:86:
         54:fa:9f:d0:83:21:93:9d:78:05:88:e4:55:01:d8:e4:83:a6:
         3a:d2:dc:eb:d2:3e:81:38:bf:99:78:2d:c6:88:eb:6c:f0:4a:
         1d:3d:ef:62:69:68:21:ba:b6:99:6a:63:24:65:c1:37:9d:5a:
         98:ac:3d:c6:ce:41:ca:91:b6:3f:82:f4:a7:35:e3:5c:bb:08:
         bb:73:83:76:f6:3d:0e:43:13:7c:bb:79:27:24:6f:84:f2:db:
         ff:f6:33:fd:ad:df:a0:41:cb:04:32:aa:4c:6b:03:2d:a6:11:
         a3:24:20:5a:1b:a7:38:06:fc:0a:df:0e:49:c0:e6:0a:99:69:
         16:70:c7:33:e4:44:bb:48:d5:f9:e0:9d:8c:7c:30:34:16:7b:
         50:4c:88:70
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYpwyUpE25ZHcug1Q3FYCzBnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiMTQ1YThiZGYyYmNhMTUwZjI1ZWQ1NGEyNzdiOGY2NTNl
ZmRiM2UwHhcNMjMwOTA3MTc1NTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDBhOWYzN2QzMmI5Y2E3ZWEzY2QxYWU2ZjFjYzAyZDc2MWIzYTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAljBjIYrZ8JFsyEUyuMqdzfHz5Edk
sCtQBRvVOG7FsfqKvmiwVvphLQz+8NfuQC8g0KO9td4/AQBIgI7QomVEDdVPdW1A
mO2GIAJhukbRywurzN6NW0eFZQbfgQdVF3uStcUFBT8Qslon3W9xZR5d+6l7vNNp
1dwacSmuNtyPaDrS8O40BMuvNZkF/L4YGTKuWld8Q9+RPYrMqDCPqy4oLjdH2Ezk
ltDeQ/K3Iwytk5BtD8X+fP73INvqufsRgBm2sPnLTR/lQ+fMyZGtzMFLCZcCrJKy
o+a1nk5B47r3Xt47oO3QyPIWUELVztLL+vg5TmKhgz9WKuXvw4R/vL/ZPwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFO0KnzfTK5yn6jzRrm8cwC12GzpDMB8GA1UdIwQY
MBaAFCsUWovfK8oVDyXtVKJ3uPZT79s+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3hSYWk5OHJ5aFVQSmUxVW9uZTQ5bFB2Mno0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8wZDhjOGYtZmYyYy00ZGE4LWI0NDMt
MzA0MGJlZDNjY2NkLzEvN1FxZk45TXJuS2ZxUE5HdWJ4ekFMWFliT2tNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8wZDhjOGYtZmYyYy00ZGE4LWI0NDMtMzA0MGJlZDNjY2Nk
LzEvS3hSYWk5OHJ5aFVQSmUxVW9uZTQ5bFB2Mno0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUCKhA/hDAN
BgkqhkiG9w0BAQsFAAOCAQEAFAqndA2qByxQumMFLacsHNLMEIBgvtSBfp1eUQ84
znycbfFL4u/rA2H4rrWeKDiNJFEeEpaT42BmcQJ0AgMEDeYLuXGj58SuwErux8kJ
fNWw4HL09HHro9c6dTxEWgqeafTyUsy4CIQq3wOGVPqf0IMhk514BYjkVQHY5IOm
OtLc69I+gTi/mXgtxojrbPBKHT3vYmloIbq2mWpjJGXBN51amKw9xs5BypG2P4L0
pzXjXLsIu3ODdvY9DkMTfLt5JyRvhPLb//Yz/a3foEHLBDKqTGsDLaYRoyQgWhun
OAb8Ct8OScDmCplpFnDHM+REu0jV+eCdjHwwNBZ7UEyIcA==
-----END CERTIFICATE-----
Generated at Mon Jun 9 12:39:32 2025 by rpki-client